refactor(Maven): Move extension functions to a separate file

This makes the functions easier to find, and it also breaks a cyclic
dependency between `MavenSupport` and `LocalProjectWorkspaceReader`.

Signed-off-by: Oliver Heger <oliver.heger@bosch.io>

Author: oheger-bosch

plugins/package-managers/maven/src/main/kotlin/utils/Extensions.kt

@@ -0,0 +1,82 @@
+/*
+ * Copyright (C) 2017 The ORT Project Authors (see <https://github.com/oss-review-toolkit/ort/blob/main/NOTICE>)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * License-Filename: LICENSE
+ */
+
+package org.ossreviewtoolkit.plugins.packagemanagers.maven.utils
+
+import org.apache.maven.artifact.repository.Authentication
+import org.apache.maven.bridge.MavenRepositorySystem
+import org.apache.maven.repository.Proxy
+
+import org.eclipse.aether.RepositorySystemSession
+import org.eclipse.aether.artifact.Artifact
+import org.eclipse.aether.repository.AuthenticationContext
+import org.eclipse.aether.repository.RemoteRepository
+
+fun Artifact.identifier() = "$groupId:$artifactId:$version"
+
+/**
+ * Convert this [RemoteRepository] to a repository in the format used by the Maven Repository System.
+ * Make sure that all relevant properties are set, especially the proxy and authentication.
+ */
+internal fun RemoteRepository.toArtifactRepository(
+    repositorySystemSession: RepositorySystemSession,
+    repositorySystem: MavenRepositorySystem,
+    id: String
+) = repositorySystem.createRepository(url, id, true, null, true, null, null).apply {
+    this@toArtifactRepository.proxy?.also { repoProxy ->
+        proxy = Proxy().apply {
+            host = repoProxy.host
+            port = repoProxy.port
+            protocol = repoProxy.type
+            toMavenAuthentication(
+                AuthenticationContext.forProxy(
+                    repositorySystemSession,
+                    this@toArtifactRepository
+                )
+            )?.also { authentication ->
+                userName = authentication.username
+                password = authentication.password
+            }
+        }
+    }
+
+    this@toArtifactRepository.authentication?.also {
+        authentication = toMavenAuthentication(
+            AuthenticationContext.forRepository(
+                repositorySystemSession,
+                this@toArtifactRepository
+            )
+        )
+    }
+}
+
+/**
+ * Return authentication information for an artifact repository based on the given [authContext]. The
+ * libraries involved use different approaches to model authentication.
+ */
+private fun toMavenAuthentication(authContext: AuthenticationContext?): Authentication? =
+    authContext?.let {
+        Authentication(
+            it[AuthenticationContext.USERNAME],
+            it[AuthenticationContext.PASSWORD]
+        ).apply {
+            passphrase = it[AuthenticationContext.PRIVATE_KEY_PASSPHRASE]
+            privateKey = it[AuthenticationContext.PRIVATE_KEY_PATH]
+        }
+    }

plugins/package-managers/maven/src/main/kotlin/utils/MavenSupport.kt

@@ -26,7 +26,6 @@ import java.net.URI
 import kotlin.time.Duration.Companion.hours
 
 import org.apache.logging.log4j.kotlin.logger
-import org.apache.maven.artifact.repository.Authentication
 import org.apache.maven.artifact.repository.LegacyLocalRepositoryManager
 import org.apache.maven.bridge.MavenRepositorySystem
 import org.apache.maven.execution.DefaultMavenExecutionRequest
@@ -43,7 +42,6 @@ import org.apache.maven.project.ProjectBuildingException
 import org.apache.maven.project.ProjectBuildingRequest
 import org.apache.maven.project.ProjectBuildingResult
 import org.apache.maven.properties.internal.EnvironmentUtils
-import org.apache.maven.repository.Proxy
 import org.apache.maven.session.scope.internal.SessionScope
 
 import org.codehaus.plexus.DefaultContainerConfiguration
@@ -60,7 +58,6 @@ import org.eclipse.aether.artifact.Artifact
 import org.eclipse.aether.artifact.DefaultArtifact
 import org.eclipse.aether.impl.RemoteRepositoryManager
 import org.eclipse.aether.impl.RepositoryConnectorProvider
-import org.eclipse.aether.repository.AuthenticationContext
 import org.eclipse.aether.repository.RemoteRepository
 import org.eclipse.aether.repository.WorkspaceReader
 import org.eclipse.aether.resolution.ArtifactDescriptorRequest
@@ -93,8 +90,6 @@ import org.ossreviewtoolkit.utils.ort.okHttpClient
 import org.ossreviewtoolkit.utils.ort.ortDataDirectory
 import org.ossreviewtoolkit.utils.ort.showStackTrace
 
-fun Artifact.identifier() = "$groupId:$artifactId:$version"
-
 /**
  * Return the path to this file or a corresponding message if the file is unknown.
  */
@@ -644,57 +639,6 @@ internal fun isTychoProject(file: File): Boolean {
     } == true
 }
 
-/**
- * Convert this [RemoteRepository] to a repository in the format used by the Maven Repository System.
- * Make sure that all relevant properties are set, especially the proxy and authentication.
- */
-internal fun RemoteRepository.toArtifactRepository(
-    repositorySystemSession: RepositorySystemSession,
-    repositorySystem: MavenRepositorySystem,
-    id: String
-) = repositorySystem.createRepository(url, id, true, null, true, null, null).apply {
-    this@toArtifactRepository.proxy?.also { repoProxy ->
-        proxy = Proxy().apply {
-            host = repoProxy.host
-            port = repoProxy.port
-            protocol = repoProxy.type
-            toMavenAuthentication(
-                AuthenticationContext.forProxy(
-                    repositorySystemSession,
-                    this@toArtifactRepository
-                )
-            )?.also { authentication ->
-                userName = authentication.username
-                password = authentication.password
-            }
-        }
-    }
-
-    this@toArtifactRepository.authentication?.also {
-        authentication = toMavenAuthentication(
-            AuthenticationContext.forRepository(
-                repositorySystemSession,
-                this@toArtifactRepository
-            )
-        )
-    }
-}
-
-/**
- * Return authentication information for an artifact repository based on the given [authContext]. The
- * libraries involved use different approaches to model authentication.
- */
-private fun toMavenAuthentication(authContext: AuthenticationContext?): Authentication? =
-    authContext?.let {
-        Authentication(
-            it[AuthenticationContext.USERNAME],
-            it[AuthenticationContext.PASSWORD]
-        ).apply {
-            passphrase = it[AuthenticationContext.PRIVATE_KEY_PASSPHRASE]
-            privateKey = it[AuthenticationContext.PRIVATE_KEY_PATH]
-        }
-    }
-
 /**
  * Return true if an artifact that has not been requested from Maven Central is also available on Maven Central
  * but with a different hash, otherwise return false.

plugins/package-managers/maven/src/test/kotlin/utils/ExtensionsTest.kt

@@ -0,0 +1,162 @@
+/*
+ * Copyright (C) 2025 The ORT Project Authors (see <https://github.com/oss-review-toolkit/ort/blob/main/NOTICE>)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * License-Filename: LICENSE
+ */
+
+@file:Suppress("DEPRECATION") // Required for the deprecated ArtifactRepository interface.
+
+package org.ossreviewtoolkit.plugins.packagemanagers.maven.utils
+
+import io.kotest.core.spec.style.WordSpec
+import io.kotest.matchers.shouldBe
+
+import io.mockk.every
+import io.mockk.just
+import io.mockk.mockk
+import io.mockk.runs
+import io.mockk.slot
+import io.mockk.verify
+
+import org.apache.maven.artifact.repository.Authentication
+import org.apache.maven.bridge.MavenRepositorySystem
+import org.apache.maven.repository.Proxy as MavenProxy
+
+import org.eclipse.aether.RepositorySystemSession
+import org.eclipse.aether.repository.Proxy
+import org.eclipse.aether.repository.RemoteRepository
+import org.eclipse.aether.util.repository.AuthenticationBuilder
+
+class ExtensionsTest : WordSpec({
+    "toArtifactRepository()" should {
+        "create a plain artifact repository from a remote repository" {
+            val repositoryId = "aTestRepository"
+            val repository = RemoteRepository.Builder("ignoredId", null, REPOSITORY_URL).build()
+
+            val session = mockk<RepositorySystemSession>()
+            val artifactRepository = mockk<org.apache.maven.artifact.repository.ArtifactRepository>()
+            val repositorySystem = mockk<MavenRepositorySystem> {
+                every {
+                    createRepository(REPOSITORY_URL, repositoryId, true, null, true, null, null)
+                } returns artifactRepository
+            }
+
+            repository.toArtifactRepository(session, repositorySystem, repositoryId) shouldBe artifactRepository
+        }
+
+        "create an artifact repository with a configured proxy" {
+            val repository = RemoteRepository.Builder("someId", "someType", REPOSITORY_URL)
+                .setProxy(Proxy("http", "proxy.example.com", 8080))
+                .build()
+
+            val session = mockk<RepositorySystemSession>()
+            val artifactRepository = mockk<org.apache.maven.artifact.repository.ArtifactRepository> {
+                every { proxy = any() } just runs
+            }
+
+            val repositorySystem = mockk<MavenRepositorySystem> {
+                every {
+                    createRepository(any(), any(), true, null, true, null, null)
+                } returns artifactRepository
+            }
+
+            repository.toArtifactRepository(session, repositorySystem, "id") shouldBe artifactRepository
+
+            val slotProxy = slot<MavenProxy>()
+            verify {
+                artifactRepository.proxy = capture(slotProxy)
+            }
+
+            with(slotProxy.captured) {
+                host shouldBe "proxy.example.com"
+                port shouldBe 8080
+                protocol shouldBe "http"
+            }
+        }
+
+        "create an artifact repository with authentication" {
+            val repository = RemoteRepository.Builder("someId", "someType", REPOSITORY_URL)
+                .setAuthentication(
+                    AuthenticationBuilder()
+                        .addUsername("scott")
+                        .addPassword("tiger".toCharArray())
+                        .addPrivateKey("privateKeyPath", "passphrase")
+                        .build()
+                ).build()
+
+            val session = mockk<RepositorySystemSession>()
+            val artifactRepository = mockk<org.apache.maven.artifact.repository.ArtifactRepository> {
+                every { authentication = any() } just runs
+            }
+
+            val repositorySystem = mockk<MavenRepositorySystem> {
+                every {
+                    createRepository(any(), any(), true, null, true, null, null)
+                } returns artifactRepository
+            }
+
+            repository.toArtifactRepository(session, repositorySystem, "id") shouldBe artifactRepository
+
+            val slotAuth = slot<Authentication>()
+            verify {
+                artifactRepository.authentication = capture(slotAuth)
+            }
+
+            with(slotAuth.captured) {
+                username shouldBe "scott"
+                password shouldBe "tiger"
+                privateKey shouldBe "privateKeyPath"
+                passphrase shouldBe "passphrase"
+            }
+        }
+
+        "create an artifact repository with a configured proxy that requires authentication" {
+            val proxyAuth = AuthenticationBuilder()
+                .addUsername("proxyUser")
+                .addPassword("proxyPassword".toCharArray())
+                .build()
+            val repository = RemoteRepository.Builder("someId", "someType", REPOSITORY_URL)
+                .setProxy(Proxy("http", "proxy.example.com", 8080, proxyAuth))
+                .build()
+
+            val session = mockk<RepositorySystemSession>()
+            val artifactRepository = mockk<org.apache.maven.artifact.repository.ArtifactRepository> {
+                every { proxy = any() } just runs
+            }
+
+            val repositorySystem = mockk<MavenRepositorySystem> {
+                every {
+                    createRepository(any(), any(), true, null, true, null, null)
+                } returns artifactRepository
+            }
+
+            repository.toArtifactRepository(session, repositorySystem, "id") shouldBe artifactRepository
+
+            val slotProxy = slot<MavenProxy>()
+            verify {
+                artifactRepository.proxy = capture(slotProxy)
+            }
+
+            with(slotProxy.captured) {
+                userName shouldBe "proxyUser"
+                password shouldBe "proxyPassword"
+            }
+        }
+    }
+})
+
+/** A test repository URL. */
+private const val REPOSITORY_URL = "https://example.com/repo"

plugins/package-managers/maven/src/test/kotlin/utils/MavenSupportTest.kt

@@ -23,143 +23,9 @@ import io.kotest.core.spec.style.WordSpec
 import io.kotest.engine.spec.tempdir
 import io.kotest.matchers.shouldBe
 
-import io.mockk.every
-import io.mockk.just
-import io.mockk.mockk
-import io.mockk.runs
-import io.mockk.slot
-import io.mockk.verify
-
-import org.apache.maven.artifact.repository.Authentication
-import org.apache.maven.bridge.MavenRepositorySystem
-import org.apache.maven.repository.Proxy as MavenProxy
-
-import org.eclipse.aether.RepositorySystemSession
-import org.eclipse.aether.repository.Proxy
-import org.eclipse.aether.repository.RemoteRepository
-import org.eclipse.aether.util.repository.AuthenticationBuilder
-
 import org.ossreviewtoolkit.plugins.packagemanagers.maven.addTychoExtension
 
 class MavenSupportTest : WordSpec({
-    @Suppress("DEPRECATION") // For deprecated ArtifactRepository interface.
-    "toArtifactRepository()" should {
-        "create a plain artifact repository from a remote repository" {
-            val repositoryId = "aTestRepository"
-            val repositoryUrl = "https://example.com/repo"
-            val repository = RemoteRepository.Builder("ignoredId", null, repositoryUrl).build()
-
-            val session = mockk<RepositorySystemSession>()
-            val artifactRepository = mockk<org.apache.maven.artifact.repository.ArtifactRepository>()
-            val repositorySystem = mockk<MavenRepositorySystem> {
-                every {
-                    createRepository(repositoryUrl, repositoryId, true, null, true, null, null)
-                } returns artifactRepository
-            }
-
-            repository.toArtifactRepository(session, repositorySystem, repositoryId) shouldBe artifactRepository
-        }
-
-        "create an artifact repository with a configured proxy" {
-            val repository = RemoteRepository.Builder("someId", "someType", "https://example.com/repo")
-                .setProxy(Proxy("http", "proxy.example.com", 8080))
-                .build()
-
-            val session = mockk<RepositorySystemSession>()
-            val artifactRepository = mockk<org.apache.maven.artifact.repository.ArtifactRepository> {
-                every { proxy = any() } just runs
-            }
-
-            val repositorySystem = mockk<MavenRepositorySystem> {
-                every {
-                    createRepository(any(), any(), true, null, true, null, null)
-                } returns artifactRepository
-            }
-
-            repository.toArtifactRepository(session, repositorySystem, "id") shouldBe artifactRepository
-
-            val slotProxy = slot<MavenProxy>()
-            verify {
-                artifactRepository.proxy = capture(slotProxy)
-            }
-
-            with(slotProxy.captured) {
-                host shouldBe "proxy.example.com"
-                port shouldBe 8080
-                protocol shouldBe "http"
-            }
-        }
-
-        "create an artifact repository with authentication" {
-            val repository = RemoteRepository.Builder("someId", "someType", "https://example.com/repo")
-                .setAuthentication(
-                    AuthenticationBuilder()
-                        .addUsername("scott")
-                        .addPassword("tiger".toCharArray())
-                        .addPrivateKey("privateKeyPath", "passphrase")
-                        .build()
-                ).build()
-
-            val session = mockk<RepositorySystemSession>()
-            val artifactRepository = mockk<org.apache.maven.artifact.repository.ArtifactRepository> {
-                every { authentication = any() } just runs
-            }
-
-            val repositorySystem = mockk<MavenRepositorySystem> {
-                every {
-                    createRepository(any(), any(), true, null, true, null, null)
-                } returns artifactRepository
-            }
-
-            repository.toArtifactRepository(session, repositorySystem, "id") shouldBe artifactRepository
-
-            val slotAuth = slot<Authentication>()
-            verify {
-                artifactRepository.authentication = capture(slotAuth)
-            }
-
-            with(slotAuth.captured) {
-                username shouldBe "scott"
-                password shouldBe "tiger"
-                privateKey shouldBe "privateKeyPath"
-                passphrase shouldBe "passphrase"
-            }
-        }
-
-        "create an artifact repository with a configured proxy that requires authentication" {
-            val proxyAuth = AuthenticationBuilder()
-                .addUsername("proxyUser")
-                .addPassword("proxyPassword".toCharArray())
-                .build()
-            val repository = RemoteRepository.Builder("someId", "someType", "https://example.com/repo")
-                .setProxy(Proxy("http", "proxy.example.com", 8080, proxyAuth))
-                .build()
-
-            val session = mockk<RepositorySystemSession>()
-            val artifactRepository = mockk<org.apache.maven.artifact.repository.ArtifactRepository> {
-                every { proxy = any() } just runs
-            }
-
-            val repositorySystem = mockk<MavenRepositorySystem> {
-                every {
-                    createRepository(any(), any(), true, null, true, null, null)
-                } returns artifactRepository
-            }
-
-            repository.toArtifactRepository(session, repositorySystem, "id") shouldBe artifactRepository
-
-            val slotProxy = slot<MavenProxy>()
-            verify {
-                artifactRepository.proxy = capture(slotProxy)
-            }
-
-            with(slotProxy.captured) {
-                userName shouldBe "proxyUser"
-                password shouldBe "proxyPassword"
-            }
-        }
-    }
-
     "isTychoProject()" should {
         "return true if the Tycho extension is found" {
             val projectDir = tempdir()